Using faulty data to demand settlements from innocent surfers

A Princeton researcher finds himself bombarded with demands to pay up after …

Content industries are pushing "three-strikes" Internet disconnection laws around the world, but how accurate are the detection methods used to bust online infringers? Princeton computer scientist Mike Freedman says that there's still a big need for improvement after one of his projects attracted 100 warning and settlement letters in September 2009 alone, despite not actually sharing the files in question.

The root of the problem, he noted in a blog entry last week, is that some investigators do an absolute minimum of work before dashing off a warning letter. In this case, the "Video Protection Alliance" sent Freedman's CoralCDN project letters without apparently verifying that CoralCDN was swapping the files in question; instead, it looks as though the Alliance grabbed IP addresses from a BitTorrent tracker and trusted the tracker to be totally accurate.

A BitTorrent tracker coordinates the various peers in a "swarm," keeping track of which users have which bits of a particular file. When a new machine joins a swarm looking for that file, it is given a list of all peers which are sharing parts of it. The system isn't necessary—newer "trackerless" BitTorrent setups can operate without a tracker—but it remains common, and it's a simple way for investigators to quickly grab long lists of "pirate" IP addresses.

This only works if a tracker is passing out reliable information—a faulty assumption. Tracker operators aren't interested in making their trackers simple enforcement tools for the content police, so some popular sites purposely add legitimate, non-infringing addresses to their trackers. The goal is to poison the well just enough that content owners can't use tracker data with impunity, but not so much that it degrades performance of the swarm.

Some links to Freedman's CoralCDN project were added to trackers for just this reason, and it didn't take long before the letters began pouring in. According to Freedman, they aren't simple warning letters, either; the Video Protection Alliance also demands that letter recipients contact it in order to pay a settlement, or risk a federal copyright infringement trial.

Indeed, settlements appear to be VPA's entire business; the company exists to be the "fast, secure and convenient way to settle your copyright violations online" for a "nominal" fee. The fee is nominal enough to ensure that it's cheaper to settle than to hire a lawyer. As the company's FAQ says, "It is likely that the cost incurred to retain a lawyer will exceed the settlement amount offered. The decision to hire a lawyer is entirely up to you."

VPA is a newcomer to the "settle or we'll sue" world, launching earlier this year with a focus on "the adult industry." Other firms such as MediaSentry (which used to do RIAA investigations) make it a policy to connect directly to infringers' machines and download at least parts of files, but Freedman believes that VPA is taking a shortcut and just grabbing addresses from BitTorrent trackers, then blasting out its notices.

The takeaway is plain: we can argue about whether Internet sanctions and disconnections are good policy, and we can argue about how best to implement that policy and its safeguards, but any such policies that act on these accusations from rightsholders have to be grounded on good data. If not, printers, open content delivery networks, and plenty of individuals could find themselves in the Internet penalty box, trying frantically to prove a negative.

Originally posted by robrob:Is there anything actually illegal about what VPA are doing here? It seems an immoral, flawed and disgusting practice, but are they actually doing anything wrong?

Threatening a lawsuit unless you pay a settlement amount to them has a pretty strong smell of blackmail/extortion about it.

Their site doesn't seem to have any evidence of their legitimacy either.

If I had to make a guess I'd say they're relying on people settling to avoid a lawsuit naming all the adult videos they'd allegedly downloaded (e.g. give us $5K or we'll go through with a lawsuit. Even if you win that lawsuit, you'll still be known as the guy who got sued for downloading Backdoor Sluts 9).

As the company's FAQ says, "It is likely that the cost incurred to retain a lawyer will exceed the settlement amount offered. The decision to hire a lawyer is entirely up to you."

Liberty and ju$tice for all...

That's a problem with the legal system in general, not just this specific example. The best an individual can do is for a lawyer to do pro-bono work. Some might if the evidence is as "faulty" as everyone claims.

Originally posted by archer:(e.g. give us $5K or we'll go through with a lawsuit. Even if you win that lawsuit, you'll still be known as the guy who got sued for downloading Backdoor Sluts 9).

heh, i think i read about a porn company doing something like that.

basically, they had a page where you could order some service or other, and the credit card charge was to some random, inoffensive company name.

but then they failed to supply and was ordered by the court to pay back. And so they did. By sending a check with the porn company logo clearly visible on it

Someone really did that? LOL I remember that being in the Guy Ritchie Film, "Lock, Stock, and two smoking barrels." Maybe that's where he got it from.

I can only imagine that there will be more immoral, unethical schemes like these in the days to come. It's a sad thing really, but hopefully all the torrent sites go to the new trackerless system and make it a bit harder on arseclowmns..

Shit, Im in the wrong business, Oh wait... yeah thats it, I still have scruples. The company in the article seems like nothing more than a profit center, and not actually delivering any kind of value. And it is using apparently un substantiated legal threats to do so. And its based out of Jersey.Go figure.

btw, lock stock and two smoking barrels is a great film, somehow Im not surprised to see the film mentioned when talking about an outfit like this.

Edit: take a gander around their website, it really reveals alot about the business in question

How do I 'poison the well' with IP addresses from Media Sentry, RIAA HQ, Mitch Bainwol (RIAA CEO), and every senator and congressman's home and work computer?

Once the letters start flying to all these people, I'm sure this will get the attention it deserves.

No wait. Hold off until 3 strikes is introduced. 'Poison the well' of torrents with IP addresses of every large company (Haliburton, GE, etc), every senator and congressman taking them all off-line until new legislation resolves it.

Originally posted by nzruss:How do I 'poison the well' with IP addresses from Media Sentry, RIAA HQ, Mitch Bainwol (RIAA CEO), and every senator and congressman's home and work computer?

Once the letters start flying to all these people, I'm sure this will get the attention it deserves.

No wait. Hold off until 3 strikes is introduced. 'Poison the well' of torrents with IP addresses of every large company (Haliburton, GE, etc), every senator and congressman taking them all off-line until new legislation resolves it.

Originally posted by nzruss:How do I 'poison the well' with IP addresses from Media Sentry, RIAA HQ, Mitch Bainwol (RIAA CEO), and every senator and congressman's home and work computer?

Once the letters start flying to all these people, I'm sure this will get the attention it deserves.

No wait. Hold off until 3 strikes is introduced. 'Poison the well' of torrents with IP addresses of every large company (Haliburton, GE, etc), every senator and congressman taking them all off-line until new legislation resolves it.

That's a problem with the legal system in general, not just this specific example. The best an individual can do is for a lawyer to do pro-bono work. Some might if the evidence is as "faulty" as everyone claims.

The key might be to change from individuals to a group to fight this kind of thing. Would some sort of class-action suit against this thinly disguised blackmail work?

How's that copy right support looking now? And yet we keep leaving the door open so that people can do stupid things in the name of copy right. The world has changed. Information is nearly valueless as it is no longer a scarce commodity. By artificially treating like it is we just cause greater problems. And by allowing companies to file suit with a simple IP address for proof is almost criminally negligent in itself. If you are going to hold someone accountable for their actions, you need to be certain they performed those actions. That's where copy right infringement prosecution loses me. They can take an address that is very simply manipulated to falsify information and it is used to cause someone massive financial damages. Something happens with your IP address and you owe someone else 2.5 million dollars? How is that even logical. I would like to see copy right go away, if it can't be reformed to take current technology and psychology into account. Or if you will prosecute people reform law so that you need something more concrete then an IP address, especially if you are going to ruin someones life.

regardless of the scare mongering last time i looked the people who got the multimillion dollar penalties had all had their computers seized and either there was infringing material or some very dodgy explanations as to why the computer was not in the state it was at the time it was supposedly infringing.

Therefore the whole multi million fine from an ip addrsss is a falsehood, yes it might be the starting point to get hold of your ocmputer but if you are innocent there will not be a problem.

Ostracus, how often do we need to discuss the abuse before the system is fixed? Days? Months? Years? I suppose your logic is that it is better to have a fundamentally flawed system then to have no system at all. And tell me exactly what we lose if we abolished copy right? The whole world would grind to a screeching halt right? Nothing would ever be created again? Profit motive is the only reason anything is created? What did we ever do before copy right? Oh that's right information was a scarce commodity no easily duplicated. And when it became simple to do so we needed to protect it and that protection resulted in an explosion of creativity that has benefited us to this very day right? The framers of the constitution didn't even want to put it in because of how easily it can be abused. And it is. But copy right is good right?

Well Cerin218 I wouldn't consider throwing the entire idea of copyright out "fixing it" any more than I would consider throwing out the entire legal system because an ex-con/cop killer killed four cops. As for what we'd lose? Look around your 21st century dwelling. There's other things we'd lose as well. But really the main issue with this extreme solution is that it assumes all other solutions have already been tried.

The U.S. Senate Sergeant at Arms owns the IP block 156.33.0.0 to 156.33.255.255. Requests to learn the mapping of these thousands of IPs were not responded to at press time. However, the lower 100 blocks of addresses appear to be mapped to the 100 Senators based on their state's alphabetical listing. This was partially confirmed using e-mail responses from the offices of Senators; where the originating computer was connected to the network directly and was not a part of block 222 (a section which seems to be reserved for servers), the IP addresses matched the predicted pattern.

Originally posted by gmerrick:[QUOTE]Originally posted by Glassy:I don't see why some enterprising and noble knight doesn't take it on themselves to get some congressional IP addresses seeded into as many top torrents as possible.

They won't listen to their "constituents", but maybe if they themselves get blackmailed then they'll start to pay attention to the ruin they're visiting on the country they swore to serve.

"Ask not what your country can do for you, ask what you can do for your country." Psh. Poor soul must be rolling in his grave now. Go, go, United Corporations of America.

At which point you will be called a terrorist, charged with conspiracy and then sent to be waterboarded for 2 years until you give up information on why their name came up on a Brittney Spears album torrent

Originally posted by archer:(e.g. give us $5K or we'll go through with a lawsuit. Even if you win that lawsuit, you'll still be known as the guy who got sued for downloading Backdoor Sluts 9).

heh, i think i read about a porn company doing something like that.

basically, they had a page where you could order some service or other, and the credit card charge was to some random, inoffensive company name.

but then they failed to supply and was ordered by the court to pay back. And so they did. By sending a check with the porn company logo clearly visible on it

I doubt that Guy Richie came up with the joke, but it's from Lock, Stock, and Two Smoking Barrels:

quote:

Listen to this one: you open a company called the "Arse Tickler's Faggots Fan Club". You take out an advert in the back page of some gay mag, advertising the latest in arse-intruding dildos. You sell it with, I dunno, "does what no other dildo can do until now", "the latest and greatest in sexual technology", "guaranteed results or your money back", all that bollocks. Now these dils cost twenty-five quid a pop – that's a snip for the amount of pleasure they're gonna give the recipients. But they send their cheques to the other company name, nothing offensive, er, "Bobbie's Bits" or something, for twenty-five quid. You take that twenty-five quid, you stick it in the bank until it clears. Now, this is the smart bit – you send back the cheque for twenty-five pound from the other company name, "Arse Tickler's Faggots Fan Club", saying we're sorry, we couldn't get the supplies from America because they ran out of stock. Now you see how many people cash that cheque – not a single soul, because who wants their bank manager to know they tickle arse when they're not paying cheques?

I find it interesting that even low-brow humor outlets like Cracked have picked up now on the copyright infringement "scams" going on, but yet our Congresscritters won't.

@Ostracus: I think there's two different ways one can look at the extremity of the whole "abolish copyright" suggestion: 1) an extremist solution to a broken problem that may just wind up creating a whole new set of unforeseen problems as a result; 2) a revolutionary solution. The latter one I'm referring to, for example, civil rights. Martin Luther King Jr. didn't call just for blacks being allowed to use the same water fountains as whites but still have to sit on the back of the bus. It was an all-or-nothing matter. Well, this could perhaps be of the same vein.

I'm not saying that abolition of copyright is for certain the proper action to take, but it is a fact that the world and society did exist before copyright; and that fact does indicate that society is likely still able to function without its presence. Really, the main thing we need to decide is if its presence is something we wish to keep around in any form or not. That will determine which route we should take on fixing the problems with copyright.

But really the main issue with this extreme solution is that it assumes all other solutions have already been tried.

The flaw in your argument is that the content industries seem unwilling to try the alternative solutions either. How about we set copyright terms back to 14 years and repeal the DMCA anti-circumvention provisions and see what happens? Maybe people will have more respect for copyright if they view the social contract as having a little fairness in it?

Even if you don't agree that those sort of options would be better, if your argument is that we need to try some alternatives before going straight to abolition, then let's try some and collect the data. We can always go back to the current system if it turns out none of that stuff works any better, right?

But keep in mind, I don't want to hear "OK let's try it" from you, I want to hear it from the people standing in the way of trying it. I want to see them advance a "solution" to the "problem" that involves something other than making copyright stronger or the rights of the public weaker.

But really the main issue with this extreme solution is that it assumes all other solutions have already been tried.

The flaw in your argument is that the content industries seem unwilling to try the alternative solutions either. How about we set copyright terms back to 14 years and repeal the DMCA anti-circumvention provisions and see what happens? Maybe people will have more respect for copyright if they view the social contract as having a little fairness in it?

Even if you don't agree that those sort of options would be better, if your argument is that we need to try some alternatives before going straight to abolition, then let's try some and collect the data. We can always go back to the current system if it turns out none of that stuff works any better, right?

But keep in mind, I don't want to hear "OK let's try it" from you, I want to hear it from the people standing in the way of trying it. I want to see them advance a "solution" to the "problem" that involves something other than making copyright stronger or the rights of the public weaker.

Only one thing to say. Wish in one hand and defecate in the other. Now see which fills first. I can guarantee it won't be the one with wishes for copyright holders advocating fair copyright legislation instead of the draconian mess they've created for themselves. People generally hold more respect for respectable laws.

I'm not saying that abolition of copyright is for certain the proper action to take, but it is a fact that the world and society did exist before copyright; and that fact does indicate that society is likely still able to function without its presence.

And would we have the present society who's fruits we daily enjoy if there wasn't IP? It's easy to always say "the grass was greener back then" as one doesn't look too closely as to what "back then" was. The present system needs work no doubt, but the past was no creators utopia.

quote:

That will determine which route we should take on fixing the problems with copyright.

The complaining about IP is much like the complaining about politics. Everyone has their personal evil, but when it comes to trying the socially prescribed solutions, people limit their efforts to yelling at the TV, and with some teeth pulling, voting. To paraphrase people get the system they deserve.

Originally posted by Ostracus:The complaining about IP is much like the complaining about politics. Everyone has their personal evil, but when it comes to trying the socially prescribed solutions, people limit their efforts to yelling at the TV, and with some teeth pulling, voting. To paraphrase people get the system they deserve.